Focus, Analyze and Identify Anomalies


The application is designed to define a baseline for each user and events related to the user, to create a reference and indentify normal or anomalous behavior. Each event is evaluated through the same situation and other factors. The UBA statistically detects if what occurring is acceptable or not by associating a risk factor to each action. UBA helps to survey the user’s behavior also considering the meaning of the action.

Behavior in a dashboard

Dashboard are user to diplay various aspects of the UBA application.
High-level widgets allows you to view behavior in different ways, including timeline and trend objects. Multi filter search permits you to focus the dashboard on your selections and highlight the meaningful information.

Anomaly report

Real time anomalies are also reported in a human readable form, so you’ll discover that: “User Jhon is involved in a privilege escalation event. This is the first time we’ve seen Jhon in this situation. This normally does not happen at 3AM. This leads us to think that this is a serious anomaly”.

User related risk

User behavior is also associated to risk categories to define a priority bases on the meaning of a particular event, not only on its volume. A set of dedicated widgets show, together with trend indicators, the risk associated to users. events and hosts impacted by user’s activity.

Quick Installation

No advanced configuration needed because the SGBox UBA automatically checks for all different situations. All the anomalies discovered became events that can be used in the correlation system. Events from UBA can start LCE rule and take reactions, by sending alarms or interacting with external tools by calling their API.

Try it Now!

If you’re interested in learning how SGBox User Behavior Analytics can help you
to discover anomalies in your network, request a trial version today.
We’d be proud to show you what we can do.

Request a demo
% of Renewals